Device Posture Checks

The Device Posture Checks API provides operations to manage custom device posture checks for use in device assurance policies in your organization.

Create a device posture check
Early Access
OAuth 2.0:
  • okta.devicePostureChecks.manage

Creates a device posture check

Request
Request Body schema: application/json
required
description
string

Description of the device posture check

name
string

Display name of the device posture check

platform
string (DevicePostureChecksPlatform)
Enum: "MACOS" "WINDOWS"
query
string

OSQuery for the device posture check

object (DevicePostureChecksRemediationSettings)

Represents the remediation instructions shown to the end user when the device posture check fails

object
defaultUrl
string

Default URL for the link. This property is only relevant if type is set to BUILTIN. If type is set to CUSTOM, this field is ignored.

customUrl
string

Custom URL for the link

object
defaultI18nKey
string

Default i18n key for the message. This property is only relevant if type is set to BUILTIN. If type is set to CUSTOM, this field is ignored.

customText
string

Custom text for the message

type
string (DevicePostureChecksType)
Enum: "BUILTIN" "CUSTOM"
variableName
string

Unique name of the device posture check

Responses
200

OK

400

Bad Request

403

Forbidden

429

Too Many Requests

post/api/v1/device-posture-checks
Request samples
application/json
{
  • "name": "Device posture check macOS",
  • "description": "Query macOS devices to check if firewall is enabled",
  • "variableName": "macOSFirewall",
  • "platform": "MACOS",
  • "type": "CUSTOM",
  • "query": "SELECT CASE WHEN global_state = 0 THEN 0 ELSE 1 END AS firewall_enabled FROM alf;",
  • "remediationSettings": {
    • "message": {
      },
    • "link": {
      }
    }
}
Response samples
application/json
{
  • "id": "dch3m8o4rWhwReDeM1c5",
  • "name": "Device posture check macOS",
  • "lastUpdate": "2022-01-01T00:00:00.000Z",
  • "createdUpdate": "2022-01-01T00:00:00.000Z",
  • "lastUpdatedBy": "00u217pyf72CdUrBt1c5",
  • "createdBy": "00u217pyf72CdUrBt1c5",
  • "description": "Query macOS devices to check if firewall is enabled",
  • "variableName": "macOSFirewall",
  • "query": "SELECT CASE WHEN global_state = 0 THEN 0 ELSE 1 END AS firewall_enabled FROM alf;",
  • "platform": "MACOS",
  • "type": "CUSTOM",
  • "remediationSettings": {
    • "message": {
      },
    • "link": {
      }
    },
  • "_links": {}
}

List all default device posture checks
Early Access
OAuth 2.0:
  • okta.devicePostureChecks.read

Lists all default device posture checks. Default device posture checks are defined by Okta. Their type will always be BUILTIN.

Responses
200

OK

403

Forbidden

429

Too Many Requests

get/api/v1/device-posture-checks/default
Request samples 
Response samples 
application/json
[
  • {
    • "createdBy": "00u217pyf72CdUrBt1c5",
    • "createdDate": "2019-10-02T18:03:07.000Z",
    • "description": "Query macOS devices to check if firewall is enabled",
    • "id": "dch3m8o4rWhwReDeM1c5",
    • "lastUpdate": "2019-10-02T18:03:07.000Z",
    • "lastUpdatedBy": "00u217pyf72CdUrBt1c5",
    • "name": "Device posture check macOS",
    • "platform": "MACOS",
    • "query": "SELECT CASE WHEN global_state = 0 THEN 0 ELSE 1 END AS firewall_enabled FROM  alf;",
    • "remediationSettings": {},
    • "type": "BUILTIN",
    • "variableName": "macOSFirewall",
    • "_links": {
      }
    }
]
Replace a device posture check
Early Access
OAuth 2.0: 
  • okta.devicePostureChecks.manage
Replaces a device posture check by postureCheckId


Request 
path Parameters
postureCheckId
required
string
ID of the device posture check


 
Request Body schema: application/json
required
description
string
Description of the device posture check


 
name
string
Display name of the device posture check


 
platform
string (DevicePostureChecksPlatform) 
 Enum: "MACOS" "WINDOWS"  
query
string
OSQuery for the device posture check


 
object (DevicePostureChecksRemediationSettings) 
Represents the remediation instructions shown to the end user when the device posture check fails


 
object
 
defaultUrl
string
Default URL for the link. This property is only relevant if type is set to BUILTIN. If type is set to CUSTOM, this field is ignored.


 
customUrl
string
Custom URL for the link


 
object
 
defaultI18nKey
string
Default i18n key for the message. This property is only relevant if type is set to BUILTIN. If type is set to CUSTOM, this field is ignored.


 
customText
string
Custom text for the message


 
type
string (DevicePostureChecksType) 
 Enum: "BUILTIN" "CUSTOM"  
variableName
string
Unique name of the device posture check


 
Responses 
200
OK


400
Bad Request


403
Forbidden


404
Not Found


429
Too Many Requests


put/api/v1/device-posture-checks/{postureCheckId}
Request samples 
application/json
{
  • "name": "Device posture check macOS",
  • "description": "Query macOS devices to check if firewall is enabled",
  • "variableName": "macOSFirewall",
  • "platform": "MACOS",
  • "type": "CUSTOM",
  • "query": "SELECT CASE WHEN global_state = 0 THEN 0 ELSE 1 END AS firewall_enabled FROM alf;",
  • "remediationSettings": {
    • "message": {
      },
    • "link": {
      }
    }
}
Response samples 
application/json
{
  • "id": "dch3m8o4rWhwReDeM1c5",
  • "name": "Device posture check macOS",
  • "lastUpdate": "2022-01-01T00:00:00.000Z",
  • "createdUpdate": "2022-01-01T00:00:00.000Z",
  • "lastUpdatedBy": "00u217pyf72CdUrBt1c5",
  • "createdBy": "00u217pyf72CdUrBt1c5",
  • "description": "Query macOS devices to check if firewall is enabled",
  • "variableName": "macOSFirewall",
  • "query": "SELECT CASE WHEN global_state = 0 THEN 0 ELSE 1 END AS firewall_enabled FROM  alf;",
  • "platform": "MACOS",
  • "type": "CUSTOM",
  • "remediationSettings": {
    • "message": {
      },
    • "link": {
      }
    },
  • "_links": {}
}